Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/XINYUN/nxqKU3fLxdT-aORFyOXCknH4l-g.roa
File:                     nxqKU3fLxdT-aORFyOXCknH4l-g.roa (raw, json)
Hash identifier:          aRqKHy7DWE5oQ+aO+RQh5aAUCffjTh0xsKs6cVkEXUM=
Subject key identifier:   9F:1A:8A:53:77:CB:C5:D4:FE:68:E4:45:C8:E5:C2:92:71:F8:97:E8
Certificate issuer:       /CN=84F850C0651B699E190DC9D97CD1DE326C164EC5
Certificate serial:       0C04
Authority key identifier: 84:F8:50:C0:65:1B:69:9E:19:0D:C9:D9:7C:D1:DE:32:6C:16:4E:C5
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/hPhQwGUbaZ4ZDcnZfNHeMmwWTsU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/XINYUN/nxqKU3fLxdT-aORFyOXCknH4l-g.roa
Signing time:             Wed 03 Feb 2021 16:45:07 +0000
ROA not before:           Wed 03 Feb 2021 16:45:07 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     38047
IP address blocks:        103.133.154.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3076 (0xc04)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84F850C0651B699E190DC9D97CD1DE326C164EC5
        Validity
            Not Before: Feb  3 16:45:07 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=9F1A8A5377CBC5D4FE68E445C8E5C29271F897E8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:8a:81:56:70:c2:b0:d5:8b:14:e0:34:59:c1:
                    3a:96:8c:ab:f8:bd:80:6b:f9:a7:0b:41:e5:fe:02:
                    c5:e8:e5:92:bb:22:b6:be:97:3d:fb:a2:83:d9:61:
                    aa:48:19:d7:b9:f4:df:7a:65:6c:1d:00:44:82:ed:
                    65:d6:05:90:61:35:ef:4b:c2:ba:fb:fe:de:78:55:
                    2c:67:48:fb:3c:b1:37:1b:0e:5d:ba:34:55:1f:0a:
                    b0:19:fc:29:8e:a4:2a:ea:43:93:25:88:7d:a3:e5:
                    23:e6:b3:6b:3b:5a:1e:82:cf:ee:49:71:2e:ba:74:
                    0c:23:06:a9:8c:ba:95:c0:78:09:04:48:24:c4:40:
                    1e:f8:d2:08:4e:8d:4e:41:9e:36:52:d9:88:82:44:
                    fd:48:70:43:15:5d:8f:7b:9d:77:e1:95:68:8f:b3:
                    fa:d2:22:08:6c:61:31:a5:17:64:69:fb:1d:fa:b6:
                    07:99:12:35:79:d0:6c:31:84:34:20:3a:45:df:98:
                    df:e3:dd:ac:f7:d4:fa:55:9a:0d:d1:7a:5c:37:be:
                    af:9b:06:7c:60:2f:ea:c9:68:24:96:9b:3b:a9:9f:
                    e6:1b:f3:67:af:9c:23:5d:06:e7:ce:46:51:9b:eb:
                    0a:c3:15:30:71:9e:bf:8d:53:d5:5e:ee:47:f5:c3:
                    d4:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:1A:8A:53:77:CB:C5:D4:FE:68:E4:45:C8:E5:C2:92:71:F8:97:E8
            X509v3 Authority Key Identifier:
                keyid:84:F8:50:C0:65:1B:69:9E:19:0D:C9:D9:7C:D1:DE:32:6C:16:4E:C5

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XINYUN/hPhQwGUbaZ4ZDcnZfNHeMmwWTsU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/hPhQwGUbaZ4ZDcnZfNHeMmwWTsU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XINYUN/nxqKU3fLxdT-aORFyOXCknH4l-g.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.133.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:b3:8e:6c:c7:e4:8f:9b:b0:78:84:fc:76:56:81:8e:32:63:
         f8:29:77:34:81:ac:50:9a:99:79:2a:95:a2:bd:60:dd:5b:69:
         e6:1a:94:7f:40:fe:c6:b8:16:69:06:cc:23:39:cc:bf:38:d6:
         d8:f9:2e:6b:cd:4b:e4:a7:af:74:a7:e1:86:04:80:cd:f9:58:
         b4:63:1e:3c:4c:33:5a:82:f7:ce:1c:fc:ac:c8:ef:61:d9:12:
         4b:72:99:13:0d:ea:3c:05:35:c0:6f:96:9e:0c:ec:dd:67:bf:
         59:57:20:37:59:05:23:6e:7d:f4:0e:21:d0:26:44:ca:0d:6c:
         16:98:92:9c:b9:21:a4:4f:09:60:d1:f9:c2:75:85:a7:99:2f:
         25:03:8d:cf:5e:c9:e1:44:49:3f:07:a1:a7:a9:10:8c:b6:0e:
         29:53:11:c5:8f:d3:5b:bd:26:79:07:25:0d:1e:db:06:36:a6:
         ae:3d:f8:3f:c4:62:7b:9e:d1:1e:1b:2d:7c:a6:6f:0e:46:d1:
         a5:1e:25:5c:f3:5d:5b:04:ad:84:b7:41:a1:92:b0:9e:4c:36:
         9a:5f:7b:6b:51:c2:53:b1:2c:12:63:47:a2:92:c8:88:0d:57:
         b9:6d:61:ec:b9:7a:91:14:9a:87:9f:a4:b2:30:6f:c0:20:b0:
         27:d8:3d:06
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDAQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODRG
ODUwQzA2NTFCNjk5RTE5MERDOUQ5N0NEMURFMzI2QzE2NEVDNTAeFw0yMTAyMDMx
NjQ1MDdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDlGMUE4QTUzNzdDQkM1
RDRGRTY4RTQ0NUM4RTVDMjkyNzFGODk3RTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKioFWcMKw1YsU4DRZwTqWjKv4vYBr+acLQeX+AsXo5ZK7Ira+
lz37ooPZYapIGde59N96ZWwdAESC7WXWBZBhNe9Lwrr7/t54VSxnSPs8sTcbDl26
NFUfCrAZ/CmOpCrqQ5MliH2j5SPms2s7Wh6Cz+5JcS66dAwjBqmMupXAeAkESCTE
QB740ghOjU5BnjZS2YiCRP1IcEMVXY97nXfhlWiPs/rSIghsYTGlF2Rp+x36tgeZ
EjV50GwxhDQgOkXfmN/j3az31PpVmg3Relw3vq+bBnxgL+rJaCSWmzupn+Yb82ev
nCNdBufORlGb6wrDFTBxnr+NU9Ve7kf1w9TzAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUnxqKU3fLxdT+aORFyOXCknH4l+gwHwYDVR0jBBgwFoAUhPhQwGUbaZ4ZDcnZ
fNHeMmwWTsUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvWElOWVVO
L2hQaFF3R1ViYVo0WkRjblpmTkhlTW13V1RzVS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvaFBoUXdHVWJhWjRaRGNuWmZOSGVNbXdXVHNVLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvWElOWVVOL254cUtVM2ZMeGRULWFPUkZ5
T1hDa25INGwtZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABn
hZowDQYJKoZIhvcNAQELBQADggEBAC6zjmzH5I+bsHiE/HZWgY4yY/gpdzSBrFCa
mXkqlaK9YN1baeYalH9A/sa4FmkGzCM5zL841tj5LmvNS+Snr3Sn4YYEgM35WLRj
HjxMM1qC984c/KzI72HZEktymRMN6jwFNcBvlp4M7N1nv1lXIDdZBSNuffQOIdAm
RMoNbBaYkpy5IaRPCWDR+cJ1haeZLyUDjc9eyeFEST8HoaepEIy2DilTEcWP01u9
JnkHJQ0e2wY2pq49+D/EYnue0R4bLXymbw5G0aUeJVzzXVsErYS3QaGSsJ5MNppf
e2tRwlOxLBJjR6KSyIgNV7ltYey5epEUmoefpLIwb8AgsCfYPQY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:51 2024 by rpki-client on console-ams.rpki-client.org